I've just installed ISA Server 2004 on our test network. Our test network comprises of: - Windows 2003 Domain. - ISA Server 2004 is on a Windows 2000 Server. - Domain controller running Windows 2003 Server.
The network structure has: - Firewall. - ISA Server 2004
Therefore I need to use a back-to-back structure, where ISA Server sits against the firewall. All IP addresses are static.
I read the manual which stated that I needed to have DNS and DHCP installed. I installed DHCP, but I don't see why I need it if my network uses static IP addresses. I followed the walk through that came with the CD, but it hasn't got me very far as my network is not DHCP. Also none of the network templates are applicable to me. How do I get ISA Server to forward onto the firewall and do I need to specify a script on the client to gain access to the internet? I have tried creating a firewall policy but it hasn't got me very far. Any advice that you can give me would be much appreciated.
What manual said the ISA firewall needs to be a DHCP server? The one I wrote said you should install the DHCP server only if you need it. You should have a DHCP server to support your VPN clients, though.
I don't use a VPN, but when I was installing ISA Server 2004 it informed me that having a DHCP server running was a requirement prior to the installation.
I was sent the following link: isa server 2004 kits and tried following through the configuration guide. I also tried using the walkthroughs that come with the CD. Do you have any recommendations as the walkthrough didn't work for me?
I wrote the ISA 2004 kits and in the getting started guide I recommended putting a DHCP server on the ISA firewall if you didn't already have a DHCP server on your network. If you already have a DHCP server on your network, or don't need one to support VPN client connections, then there's no reason to install the DHCP server on the ISA firewall.
I'm trying to setup a proxy server without the need for the firewall part of ISA Server 2004. My understanding is that the proxy server is specified in the browser settings. Therefore when a web page request is made it is forwarded onto the proxy server. The proxy server checks the privileges that the user has and then based on the rights forwards the request onto a gateway address. What I'm unsure about is where to specify the gateway address. I have setup a rule that only allows traffic that is "http" or "https". What's the best way of specifying this?
Did you know that the ISA firewall was both a stateful filtering and stateful application layer inspection firewall, more powerful and more secure than PIX or Netscreen? Why use is only has a dumbed down Web proxy only?
The firewall features are something that I will explore at later date. The problem at the moment is that more and more people within the company need access to the web and only to a few sites. Therefore giving them full access has caused an increase in SPAM. My view is to implement the proxy first and then gradually move over to the firewall. Unfortunately I'm stuck on the proxy and I'm unable to view web pages using ISA Server. Any ideas?